package team.bluepen.order.web.servlet.user;

import team.bluepen.order.ErrorPack;
import team.bluepen.order.constant.Constant;
import team.bluepen.order.constant.ErrorCode;
import team.bluepen.order.data.database.mysql.UserRepository;
import team.bluepen.order.data.entity.Role;
import team.bluepen.order.data.entity.User;
import team.bluepen.order.util.StringUtil;
import team.bluepen.order.util.UserChecker;
import team.bluepen.order.web.servlet.BaseServlet;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * @author RollW
 */
@WebServlet(name = "UserEditServlet", urlPatterns = "/api/user/edit")
public class UserEditServlet extends BaseServlet {
    public static final String ID_PARAM = "id";
    public static final String USERNAME_PARAM = UserCreateServlet.USERNAME_PARAM;
    public static final String PASSWORD_PARAM = UserCreateServlet.PASSWORD_PARAM;
    public static final String ROLE_PARAM = UserCreateServlet.ROLE_PARAM;

    @Override
    protected void post(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
        String username = req.getParameter(USERNAME_PARAM);
        String password = req.getParameter(PASSWORD_PARAM);
        String roleString = req.getParameter(ROLE_PARAM);
        String idParam = req.getParameter(ID_PARAM);
        setJsonHeader(resp);
        if (StringUtil.isEmpty(idParam)) {
            writeJson(resp, new ErrorPack(ErrorCode.ERROR_PARAM_MISSING,
                    "id param missing.").toCodePack());
            return;
        }
        User loginUser = (User) req.getSession().getAttribute(Constant.SESSION_USER);
        if (loginUser == null || (loginUser.getId() != Long.parseLong(idParam) &&
                loginUser.getRole() != Role.ADMIN)) {
            writeJson(resp, new ErrorPack(ErrorCode.ERROR_ILLEGAL_ACCESS,
                    "Non-administrator users are not allowed to edit user data.")
                    .toCodePack());
            return;
        }

        Role role = Role.get(roleString);
        UserRepository repository = new UserRepository();
        User user = repository.getUserDao().get(Long.parseLong(idParam));
        if (role != null) {
            user.setRole(role);
        }
        if (!StringUtil.isEmpty(password)) {
            user.setPassword(password);
        }
        if (!StringUtil.isEmpty(username) && repository.getUserDao().get(username) != null) {
            writeJson(resp, new ErrorPack(ErrorCode.ERROR_USER_EXISTED,
                    "The user name is duplicate.").toCodePack());
            return;
        }
        if (!StringUtil.isEmpty(username)) {
            user.setUsername(username);
        }
        ErrorCode checkCode = UserChecker.checkUser(user);
        if (!checkCode.getState()) {
            writeJson(resp, new ErrorPack(checkCode, checkCode.toString())
                    .toCodePack());
            return;
        }
        repository.getUserDao().insert(user);
        writeJson(resp, new ErrorPack(ErrorCode.SUCCESS, "SUCCESS")
                .toCodePack());
    }
}
